Re: [Suit] draft-moran-suit-manifest-04 - prescriptive

Brendan Moran <> Thu, 21 March 2019 16:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5DE4813145E for <>; Thu, 21 Mar 2019 09:18:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 0sVxsYjp4S8U for <>; Thu, 21 Mar 2019 09:18:53 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 30C51131441 for <>; Thu, 21 Mar 2019 09:18:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fhgb2JWYLSeVLk/dJBcALg52HC3rPRpQSXasWi4Me28=; b=gtiMwMagm1bflBbgZA88s3UI8ZJ8MGHRA7doi481aIuFUP60X0QVbbwaka+P4GwfljEOnkX4LiBzitSIauJ5UuZ88Y9LrF/7tUbqZgwunrDrqiTjPG4UbwavFvyAL5ITBDdsM3ZBfeE0XhXub7sjHeubpbmtg2dsY28TrFQVBRk=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1709.14; Thu, 21 Mar 2019 16:18:48 +0000
Received: from ([fe80::180:d5be:c56c:c222]) by ([fe80::180:d5be:c56c:c222%4]) with mapi id 15.20.1730.013; Thu, 21 Mar 2019 16:18:48 +0000
From: Brendan Moran <>
To: Martin Pagel <>
CC: "" <>
Thread-Topic: draft-moran-suit-manifest-04 - prescriptive
Thread-Index: AdTbfYV7dO45RdMkQRKtZzBYR1IzsAEhD4AA
Date: Thu, 21 Mar 2019 16:18:48 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-mailer: Apple Mail (2.3445.102.3)
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 001651b9-d821-4ff4-4436-08d6ae18e675
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(4618075)(2017052603328)(7153060)(7193020); SRVR:DB6PR0801MB2006;
x-ms-traffictypediagnostic: DB6PR0801MB2006:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <>
x-forefront-prvs: 0983EAD6B2
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(366004)(136003)(346002)(396003)(376002)(51444003)(13464003)(40434004)(199004)(189003)(2906002)(99286004)(14444005)(8936002)(8676002)(1511001)(5024004)(86362001)(229853002)(256004)(57306001)(6916009)(6506007)(71200400001)(6306002)(305945005)(36756003)(72206003)(26005)(45080400002)(966005)(71190400001)(53936002)(478600001)(6486002)(83716004)(76176011)(33656002)(7736002)(6436002)(102836004)(53546011)(4326008)(82746002)(446003)(476003)(14454004)(66066001)(6246003)(6512007)(105586002)(50226002)(68736007)(2616005)(5660300002)(186003)(486006)(81166006)(316002)(11346002)(3846002)(81156014)(25786009)(97736004)(106356001)(6116002); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0801MB2006;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Wqgzq0pF+WLrConLTiy6pkCALq1fXVrdcJOPz/YAONL7+lE6Q5uFcDwCpH/i7N4HEkFrYsB0GFpiKUiAiM9BB4+vhZPKWKzYTjAmzWxb6vUnHCgKg6yuj595s3n0u6mlpv5uVUX/sAR9YF4fhu1T7BALvT7wZ6youYkji+9+7mrwOBqnjk8lNfYg6eROXlNEglROBogEMo+6/E1sJmV4Zs2Cjxos4m1WoWEpb3mSbsfSyCVcBweQEbkmuV8faOHYlG+o1ooafDDYV0zKYF3dPgzyquHC30nMm9w54te9RptiJ3L//pEpS7fXdpQMfQbnSdfNO++UyRhosdl5MY8HkWc/iP6j3IQVwZg54dahUX2WAFIkBXnAipgq/Dn8fb0OSb3Vl/gwGD8haaAnzzPJeOKA1HIdR786l4zP5u998g4=
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 001651b9-d821-4ff4-4436-08d6ae18e675
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Mar 2019 16:18:48.7696 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0801MB2006
Archived-At: <>
Subject: Re: [Suit] draft-moran-suit-manifest-04 - prescriptive
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Mar 2019 16:19:01 -0000

Hi Martin,

My intent is to produce a generic interpreter. My hope is to make it small enough that it is reasonable to include on very constrained platforms. It’s not really intended for use with none of the scripts populated.

Component IDs:
I don’t think I’ve explained component ID well enough. It’s supposed to be a machine-readable path. To that end, it’s an array of binary strings, which makes it simple for devices to parse. The example I gave was human readable to make it easier to illustrate the point. However, when a device has two places that it can store a payload, it would be possible to use component IDs [h’00’] and [h’01]. If you want a component ID that lets you use an arbitrary offset into flash, then you could have a system as follows:
1. The first element of the Component ID indicates which storage subsystem to use (internal flash, or external SPI flash, for example)
2. For internal flash, the second element could represent an offset.
3. For external SPI flash, the second element could indicate the file name or directory to use.

If internal flash is represented as h’00’ then the component ID for an internal flash target with offset 0 would be: [h’00’,h’00’]
With an offset of 0x400, the component ID would be: [h’00’,h’0400’] (in big-endian notation)
If external flash is represented as h’01’ then the component ID for a temp file on external flash with path “/tmp/example” could be represented as either:

[h’01’, "/tmp/example”]
[h’01’, “tmp”, “example”]

Because “paths” are extremely application dependent, we have tried to avoid specifying this behaviour much. Perhaps it would be helpful to add a few more examples.

Using a mechanism to specify a URI relative path is interesting. How do you see that interacting with the prioritised list of URIs? Another option would be to simply compress the manifest. This is not an option on small devices, but a device that can accept 10 images is not a small device, so a minimal compression library may be a viable option.

I think we should consider adding in some mechanism to deal with this, but I think we should first study whether compression is the right answer.

Dependencies, Unpacking:
You’re right, there aren’t examples of all features. That’s certainly something we want to work towards!

Best Regards,

> On 15 Mar 2019, at 23:20, Martin Pagel <> wrote:
> Hi Brendan,
> This an impressive re-draft, it's almost a new/separate manifest approach all together. I like the switch from a descriptive approach to a prescriptive one and the fact that the manifest is quite small for the basic cases.
> Is your goal to develop a generic installer which could interpret the "script" (apply-image and run-image sections) and apply any number of images on a fairly complicated MCU configuration? (It reminds me a bit of the setup.inf scripting capabilities I added in Windows 2.0) I think that would be quite intriguing for more sophisticated MCUs, but I would expect very constrained MCUs (like the one targeted by MCUBoot) to use a special purpose installer. But because the "script" portions of the manifest are optional, none would need to be present for those cases, correct?
> Here are a few specific comments and questions:
> * Component Id
> I understand the first parameter is a bstr for name, but what's the second (numeric) parameter? Is that some type of offset? Did I miss the explanation for this parameter?
> * URIs
> If you need to install 10 images, the URIs take up a lot of space and there is a good chance they all have the same base URL. How about allowing to specify the base URL and append the component name to that URL?
> * Dependency, Unpacking...
> The examples are very useful, but only cover a few manifest options. Can you provide some more examples to cover dependency blocks, unpacking, run_sequence etc?
> Thanks
> Martin
> -----Original Message-----
> From: Suit <> On Behalf Of Brendan Moran
> Sent: Tuesday, March 12, 2019 3:35 AM
> To:
> Subject: [Suit] Introducing draft-moran-suit-manifest-04
> draft-moran-suit-manifest-04 has now been published.
> This draft is the result of combining the information model in draft-moran-suit-behavioural-manifests-00 (the 01 version fixes example formatting only) with that in draft-ietf-suit-information-model, then serialising the result in CBOR. This is a significant departure from previous drafts. It attempts to preserve flexibility, fully define the behaviour of recipient, simplify the manifest structure, reduce code-size of the recipient, and reduce the size of the manifest. This ambitious set of goals required a significant change in approach as compared to draft-moran-suit-manifest-03 and before. In order to outline the approach clearly, we have separately published draft-moran-suit-behavioural-manifests-00. draft-moran-suit-manifest-04 focuses more on the serialisation of the manifest.
> I look forward to discussing this draft in more detail.
> Best Regards,
> Brendan
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
> _______________________________________________
> Suit mailing list

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.